May 22, 2023

How to STOP Chrome automatically redirect HTTP to HTTPS

Update - 27/06/2023

I just realised in my blog post page that when you click the HSTS settings link, chrome will block it.

image-20230627165701982

So now I have separated the link. Now you can copy the link and paste it into the URL address bar to enter the HSTS settings.


Forward

It is annoying and a bit painful when you developing your website and Chrome automatically redirects it from http to the https version all the time.

For example, if you have ever visited this site in the https version, after revoking SSL certificates, Chrome will always send you the https version, which will raise a security issue that blocks you from visiting this site.

If you have visited https://immistress.site before, when you are trying to visit http://immistress.site, you will never go back to it.


How to solve it?

Step 1: Open HSTS settings chrome://net-internals/#hsts in net-internals in Chrome

Step 2: Delete domain security policies by entering the URL that you want to delete and click Delete.

Screenshot 2023-05-22 at 7.28.09 pm


Now Chrome should have deleted the security policies for the domain you entered.

Go back to your site to test, you should be able to visit it in the http version.



Reference

About this Post

This post is written by Andy, licensed under CC BY-NC 4.0.

#Network